Friday, May 1, 2009

Alibi everywhere

Many of our daily activities are time-stamped and can become our permanent records if we wish.

Take web browsers or mailers for example. Each visit of a web page is recorded in the browser history file, complete with the title and URL (address) of the page, and date time of the visit. For emailing, every outgoing message carries with it the time the message is sent and a copy is usually stored in the Sent folder of the mailer.

Some people are afraid that such information might become incriminating, so they deliberately delete such records. For example, a kid who has spent a few hours using family computer visiting sites that parents do not approve may delete the browser history before parents come back from work.

Sometimes, such records can become useful alibi or evidences.

Here is a real example. I received a bill from a consultant, charging me for two hours of meeting time from 3 to 5 on 2009-02-20. I pointed out to the consultant that the meeting took less than an hour, but he insisted that two hours were correct. If there are no records to prove one way or the other, this would be his words against mine. There are many potentially useful records to look into, such as parking records for the meeting, shopping receipt at a Seven-Eleven on my way back from consultant's office, or charge receipt at a gas pump, etc. I found supporting evidence from my office Mac's Firefox browser history file. It showed that

at 2:43PM, I visited Mapquest for direction to the consultant's office, and

at 4:45 PM, I was using Gmail in my office

Since it takes at least 20 minutes to get back from his office to my office, I could not possibly be in his office after 4:25. This shows that the meeting could not possibly be two hours.

If you need such time records,

think about things you did that carried a time-stamp such as phone calls, visit to ATM machines, editing a file on your PC, etc.

Usually, the time records stored on a server that you cannot alter are more trusted than the records in your possession. For example, phone call records provided by the phone company or the access record on a web server that matches your browser history file should be accepted as trustworthy.